package com.czk.springdatar2dbc.config;

import org.springframework.boot.autoconfigure.security.reactive.PathRequest;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

/**
 * @Author: chenzhangkun
 * @CreateTime: 2025-06-03
 * @Description:
 * @Version: 1.0
 */
@Configuration
public class AppSecurityConfiguration {

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        // 配置认证规则,哪些请求需要认证，哪些不需要
        http.authorizeExchange(authorize -> {
            // 允许所有人访问静态资源
            authorize.matchers(PathRequest.toStaticResources().atCommonLocations()).permitAll();
            // 其他氢请求需要登录
            authorize.anyExchange().authenticated();
        });

        // 开启默认的表单登录
        http.formLogin(f -> {

        });
        // 禁用安全控制
        http.csrf(ServerHttpSecurity.CsrfSpec::disable
        );
        return http.build();
    }

}
